Study finds malware lurking in Amazon, Google and Groupon cloud services. From SC Magazine.
A recent study detected more than 600 cloud repositories hosting malware and other malicious activities on major cloud platforms including Amazon, Google, Groupon and thousands of other sites.
Researchers from the Georgia Institute of Technology, Indiana University Bloomington and the University of California Santa Barbara scanned more than 140,000 sites on 20 major cloud hosting services and found that as many as 10 percent of the repositories hosted by them had been compromised, according to the “Lurking Malice in the Cloud: Understanding and Detecting Cloud Repository as a Malicious Service”.
If you use Waze, hackers can stalk you. From Fusion.net. Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thousands of “ghost drivers” that can monitor the drivers around them—an exploit that could be used to track Waze users in real-time. They proved it to me by tracking my own movements around San Francisco and Las Vegas over a three-day period.
- Meet the malware that screwed a Bangladeshi bank out of $81m. From The Register. February’s hack against Bangladesh’s central bank that netted $81m in diverted funds is one of the biggest cyber heists of all time. Now researchers think they’ve found the malware that did it. A sample of the software nasty was obtained by researchers at defense contractors BAE Systems. The malware appears to have been custom built to use the global SWIFT (Society for Worldwide Interbank Financial Telecommunication) system and its Alliance Access backend.
- RuMMS Android Malware Attacks via SMS Spam, Steals Money from Bank Accounts. From Softpedia. Security researchers have discovered a new Android malware family that’s being spread using SMS spam messages and has been secretly stealing money from victims’ bank accounts after infecting their devices. At the time of writing, this malware family which FireEye researchers have named RuMMS has targeted only users living in Russia. The first infections hit users on January 18 and have continued until late April.
- National Infrastructure Attacks Mark Ominous Milestone for Cyber Security From InfoSecurity Magazine. Hundreds of thousands of homes across western Ukraine were suddenly left without power last December after a massive blackout. Though power was eventually restored, this event should serve as a wake up call for governments around the world, not just because of the severity, but due to the cause .
- Amazon force-resets some account passwords, citing password leak. From ZDNet. Amazon has force-reset an unknown number of accounts, after passwords may have been compromised. A number of readers told ZDNet they received an email from Amazon saying the company has reset their account password. The message was also sent to their account message center on Amazon.com, and Amazon.co.uk, confirming the message is genuine.
- Hackers Have Launched a War Against the KKK. From EpochTimes. Over the course of the last couple months, websites belonging to the KKK flicked off and on, members of the hate group have had their identities posted online, and their recruiting efforts have been attacked. This has been the work of several hacker collectives, including Anonymous and BinarySec, under a loosely-coordinated operation they’re calling #OpKKK.
- The Latest Data Breach Involves The Voting Records Of 93.4 Million Mexican Citizens. From Yahoo News. Yet another data breach has grabbed international headlines, and this one involves the voting registration records of some 93.4 million Mexican citizens. On April 14, Chris Vickery of MacKeeper discovered that he was able to access a tome of information, including names, birth dates, home addresses, ID numbers, and more, all on an unprotected Amazon cloud server.
This one chart explains why cybersecurity is so necessary. From TrueViralNews (Infographic From BI Intelligence)
Church website hacked by alleged terrorist group. From Fox17 West Michigan. A church in West Michigan is trying to figure out why their website was a target for hackers over the weekend. An alleged terrorist group is taking credit for hacking Lamont Christian Reformed Church’s website. It was 15-year old Elizabeth Storteboom who discovered the website was hacked. Friday night instead of the churches website she read “You have been hacked by the United Cyber Caliphate”, a group that claims to be a cyber army for the Islamic State.
- Vancouver student expelled for hacking high school email system. From Fox19 Cincinnati. A Vancouver Public School District spokesperson said Skyview High School email system was hacked early Tuesday morning by a student. Communications Director Patricia Nuzzo said the student was “emergency expelled” until appropriate disciplinary action can be determined.